Cisco issued a patch for a critical CVE-2025-20156 vulnerability in its Meeting Management software, vital for its on-premises video meeting solutions. This flaw, which has a severity rating of 9.9, enables a remote attacker with low privileges to gain admin access by exploiting improper authorization in the REST API. Affected users are urged to update their software promptly, as the vulnerability is easy to exploit. While no known exploits are confirmed, the potential for emerging exploits exists, emphasizing the urgency of applying necessary updates.
Cisco has released a patch for a critical 9.9-rated vulnerability in its Meeting Management tool that could allow attackers to gain admin access.
The flaw, CVE-2025-20156, stems from improper authorization for REST API users, making it relatively easy to exploit.
Collection
[
|
...
]